- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- RE: certificate problems with RDP within a SSLVPN...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
certificate problems with RDP within a SSLVPN? (Portal not Tunnel Mode)
Hello,
has anybody experienced any certificate problems with RDP sessions within a SSLVPN portal?
Regards,
Sylvia
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, in fact it' s normal because using the portal, the RDP client connects to 127.0.0.1:someport
The certificate present on the server is signed in order to be called using the server name and not an IP address or the localhost address.
I can' t see any solution to that problem at present. BTW Fortinet is not the only one using this technique in order to connect to remote ressources using a SSLVPN portal.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Kess,
yes, that' s true.
My problem is, that there is one client (Windows Vista) will get the certificate error but cannot continue. Even though he accepts the error message. The RDP session still doesn' t start...
Regards,
Sylvia
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry if I reply so late...
Well, if you have other working machines it means that your FG settings are working.
In that case the problem relies on your vista desktop. At present I can only see just one place where to change something, the mstsc.exe settings.
On your Vista PC execute your client (mstsc.exe), click on " options" , choose the " Advanced" tab and have a look at the " Server Authentication" section. There you' ll probably find your " wrong" setup.
Let me know
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Kess,
thanks for your reply.
But we are not talking about the tunnel mode, so the local mstsc.exe of the client shouldn' t be involved.
Regards,
Sylvia
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In fact it' s not like this. I tested it in this moment, when you click on that RDP Bookmark it calls up the Native Windows RDP client.
You can easily check this by monitoring your active processes... You' ll see a new mstsc.exe showing up when you click on your RDP Bookmark.
This is also the reason because RDP bookmarks are not showed up in the iPhone Fortinet SSLVPN Client.
So, to resolve your problem, please check what I wrote in my other post. Modify your " Default.rdp" of this windows client and you' ll see everything working perfectly.
Hope it helps.
Bye Kess.
Related Posts
- IPsec tunnel stability issue - two... 169 Views
- FortiOS 7.2.4 IPSec split-tunnel breaks local... 170 Views
- NAT traversal fixed broken BGP ? 172 Views
- Forticlient VPN Only on Linux 220 Views
- Forticlient stopped working with Okta 206 Views
Labels
-
FortiGate
6,482 -
FortiClient
1,293 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
413 -
5.6
362 -
FortiSwitch
331 -
FortiAP
330 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
149 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
86 -
FortiCloud Products
82 -
FortiToken
69 -
IPsec
69 -
Customer Service
69 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
57 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
Firewall policy
22 -
FortiConverter
21 -
High Availability
20 -
VLAN
18 -
FortiPortal
17 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
BGP
12 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
Interface
11 -
Logging
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
FortiAuthenticator
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
SSID
6 -
Authentication
6 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSL SSH inspection
5 -
Security profile
5 -
Traffic shaping policy
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
Intrusion prevention
3 -
Automation
3 -
DoS policy
3 -
Port policy
3 -
FortiDB
3 -
FortiDeceptor
2 -
FortiInsight
2 -
VoIP profile
2 -
Antivirus profile
2 -
Web profile
2 -
Traffic shaping profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
SDN connector
1 -
4.0MR1
1 -
NAC policy
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
FortiPAM
1 -
Application signature
1 -
Multicast routing
1 -
Authentication rule and scheme
1 -
Zone
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.